<?php
session_start();
include_once ("agoTimeFormat.php");
$myAgoObject = new convertToAgo;
include_once ("../db_connect.php"); // Connect to the database

if (!isset($_SESSION['password']) || $_SESSION['password'] == "") {
	echo "Please log in... (give them links or send them to msgToUser.php with this message)";
	exit();
} else {
	// Assume they are a member because they have a password session variable set
	// Check the database to be sure that their ID, password, and email session variables all match in the database
	$u_id = mysql_real_escape_string($_SESSION['id']);
	$u_name = mysql_real_escape_string($_SESSION['username']);
	$u_pass = mysql_real_escape_string($_SESSION['password']);
	$name = $_SESSION['fname'];
	
	$sql = mysql_query("SELECT * FROM tbl_account WHERE id='$u_id' AND username='$u_name' AND password='$u_pass' AND fname='$name'");
    echo $sql;
	$numRows = mysql_num_rows($sql);
    if ($numRows < 1) {
	    echo "ERROR: Your username and password doesn't exist in the system.";
	    exit();
    }
}


////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
// Check to make sure the URL variables of "sid" and "title" are set
if (!isset($_POST['forum_id']) || $_POST['forum_id'] == "" || !isset($_POST['forum_title']) || $_POST['forum_title'] == "") {
	echo "Important variables are missing";
	exit();
} else {
	// Acquire the variables and proceed to show them a form for creating a new topic
	$forum_section_id = preg_replace('#[^0-9]#i', '', $_POST['forum_id']); 
	$forum_section_title = preg_replace('#[^A-Za-z 0-9]#i', '', $_POST['forum_title']); 
}
///////////////////////////////////////////////////////////////////////////////////////////////////
$sql = mysql_query("SELECT * FROM forum_sections WHERE id='$forum_section_id' AND title='$forum_section_title'");
$numRows = mysql_num_rows($sql);
if ($numRows < 1) {
	    echo "ERROR: That section deos not exist.";
	    exit();
}


?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Create New Topic</title>
<script type="text/javascript" language="javascript"> 
<!--
function validateMyForm ( ) { 
    var isValid = true;
    if ( document.form1.post_title.value == "" ) { 
	    alert ( "Please create a title for your topic" ); 
	    isValid = false;
    } else if ( document.form1.post_title.value.length < 10 ) { 
            alert ( "Your title must be at least 10 characters long" ); 
            isValid = false;
    } else if ( document.form1.post_body.value == "" ) { 
            alert ( "Please type a message " ); 
            isValid = false;
    }
    return isValid;
}
//-->
</script>
</head>

<body>


	<table width="900" border="0" align="center" cellpadding="12" cellspacing="0">	  <tr>
		<td width="731" valign="top">
		<div id="breadcrumbs"><a href="index.php" style="font-size:14px; font-family:verdana, Geneva, sans-serif; text-align:justify;">Forum Home</a> &larr;
		<a href="section.php?id=<?php echo $forum_section_id; ?>" style="font-size:14px; font-family:verdana, Geneva, sans-serif; text-align:justify;"><?php echo $forum_section_title; ?></a>
		</div>
		<h2 style="font-size:14px; font-family:verdana, Geneva, sans-serif; text-align:justify;">Creating New Topic In the  <em><?php echo $forum_section_title; ?></em> Forum</h2>
		<form action="parse_post.php" method="post" name="form1">
		<input name="post_type" type="hidden" value="a" /><br>
		<p style="font-size:14px; font-family:verdana, Geneva, sans-serif; text-align:justify;">Topic Author :</p>
		<input name="topic_author" type="text" disabled="disabled" maxlength="64" style="width:96%;" value="<?php echo "$name"; ?>" />
		<br />
		<p style="font-size:14px; font-family:verdana, Geneva, sans-serif; text-align:justify;">Create a title for your topic :</p>
		<input name="post_title" type="text" maxlength="64" style="width:96%;" /><br />
		<p style="font-size:14px; font-family:verdana, Geneva, sans-serif; text-align:justify;">Type your message below :</p>
		<textarea name="post_body" rows="15" style="width:96%;"></textarea>
		<br /><br /><input name="" type="submit" value="Create Topic" onclick="javascript:return validateMyForm();"/>
		<input name="fsID" type="hidden" value="<?php echo $forum_section_id; ?>" />
		<input name="fsTitle" type="hidden" value="<?php echo $forum_section_title; ?>" />
		<input name="uid" type="hidden" value="<?php echo $_SESSION['id']; ?>" />
		<input name="upass" type="hidden" value="<?php echo $_SESSION['password']; ?>" />
		</form>
		
		</td>
	   </tr>
	</table>



</body>
</html>